To request an access token, send a Post request containing your Client Id and Client Secret to the Conga Sign authentication service.

Production Environment

Access Token:

POST /api/v1/auth/connect/token
Content-Type: application/x-www-form-urlencoded

Sandbox Environment

Access Token:

POST /api/v1/auth/connect/token
Content-Type: application/x-www-form-urlencoded



If successful, an access token will be returned in the response body.

Example Response

Sample successful response body

    "access_token": "eyJraWQiOiJmMTJlaE02ZEpmMVhja20wR2hXMUVJMGxPNTQ2dEppXC9NXC9T....",
    "expires_in": 3600
	"token_type": "Bearer",
	"scope": "sign"

The access token contains the following fields:

access_tokenThe value of the access token. This value will be added to the Authorization header of all Conga Sign API calls.
expires_inThe expiration date of your access token. When your access token expires, your application will have to request a new access token.
scopeThe resources you are requesting access to. This should be sign
grant_typeThe method of authentication that is used. Using Client Id and Client Secret, this grant type should be client_credentials . 

The access token granted by JWT Grant expires at the given time, and no refresh token is provided. After the token expires, you must reauthenticate for a new access token.

Otherwise, the operation may return one of the following errors:

Response code and bodyDescription


Invalid headers. Example header: Authorization: Basic <ENCODED_CREDENTIALS>
400 {"error":"ERROR_AUTHENTICATION_NOT_VALID"} The request could not be authorized. Make sure you provided the correct credential.
403 {"error":"ERROR_AUTHENTICATION_CLIENT_DISABLED"}The request has been forbidden because access is disabled. Contact Conga’s customer service for further support.